I'm a passionate Cybersecurity Engineer with over 13 years of experience in IT and more than 6 years of dedication to computer security. With an offensive security mindset, I have worked with clients from around the globe to improve their defenses and reduce cybersecurity risk at multiple companies.
I'm always looking to upgrade my certifications, attend conferences, learn state-of-the-art technologies, and take training courses to stay on top of my field. I also run a blog dedicated to Cybersecurity and have reported vulnerabilities such as CVE-2014-5025, CVE-2018-15635, and CVE-2020-25106.
- Introducing TrailDiscover: Simplifying Access to Security Insights about CloudTrail Events
- Cybersecurity — It’s All About Trust
- Enhancing AWS GuardDuty Alerts with GuardDutyInsightfulAlerts
- Rigging the Rules: Manipulating AWS ALB to Mine Sensitive Data
- Distorting the Sync: How AWS AppSync Can Be Turned into an Attacker’s Backdoor
- How Attackers Can Misuse AWS CloudFront Access to Make It ‘Rain’ Cookies
- Ensuring Alert Readiness: Lessons from Schrödinger’s Cat
- What’s Missing in Your Vulnerability Management Strategy? Exploring CVSS, EPSS, KEV, and Beyond
- Are You Just Checking Boxes? Turning Compliance into Real Security
- When a Storm Hits the Cloud: Learning from the Microsoft Breach
- Enhancing Security for AWS Static Websites: A PoC Implementation of Honeytokens
- Cybersecurity, Here to Help: Preventing Extra Cognitive Load for Developers
- Analyzing the SCARLETEEL Attack: Proposed Alerts for Early Detection and Response
- Learning from the CircleCI incident with a tabletop exercise
- Laboratorio en AWS para análisis de malware